Suricata: Network intrusion detection and prevention engine

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors.

The engine is multi-threaded and has native IPv6 support. It’s capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

New features in version 0.9.0:

  • Support for the http_headers keyword was added
  • libhtp was updated to version 0.2.3
  • Privilege dropping using libcap-ng is now supported
  • Proper support for “pass” rules was added
  • Inline mode for Windows was added


